Updates to Runtime Protection in macOS Sequoia

Apple recently announced an update to runtime protection in macOS Sequoia, changing how users interact with non-notarized software. As of August 6, 2024, users can no longer use the Control-click method to override Gatekeeper for software that isn't correctly signed or notarized. Instead, they must navigate to System Settings > Privacy & Security to review and approve the software before it can run.

Changes in macOS Sequoia

Previously, macOS allowed users to bypass Gatekeeper's restrictions by Control-clicking the application, selecting Open, and confirming the action. This method posed security risks by potentially allowing malicious software to run with minimal user scrutiny.

With macOS Sequoia, this method has been removed. Now, users must:

1. Navigate to System Settings.
2. Go to Privacy & Security.
3. Review security information for the software.
4. Approve the software to run.

This change aims to reduce the risk of social engineering attacks.

Developer and Community Reactions

The development community has been aware of this change for some time. Many users noted the shift early on in the beta releases of macOS Sequoia. The broader sentiment is a mix of understanding and frustration. While the increased security is appreciated, the added steps can be seen as cumbersome, particularly for power users and developers who frequently test and run non-notarized software.

For developers distributing software outside the Mac App Store, it’s a step towards Apple making it harder. A slight step, but it’s been a constant erosion over the past many updates.

The update to runtime protection in macOS Sequoia enhances user security by requiring approval for non-notarized software through System Settings. For developers, using the Apple notary service is now more important than ever to ensure a smooth and secure user experience. Staying informed and adapting to these changes is crucial for maintaining software security and user trust.